Quick summary: NationFiles runs DataSourceConnectors on a one-minute cron cadence, versions the NationFiles Stability Index as NFSI v2.5 across three layers (connector row → nfsi_connector → nfsi_country), and applies Last-Known-Value with up to a 24-hour grace window when sources fail. The public source registry is at /legal/sources/; binding legal text remains in the designated language versions and linked detail pages. Publisher: Neawolf Media Group (Germany).
Connectors and datasets are named in the registry at /legal/sources/, including methodology and licensing pointers.
Traceability
Governance copy describes roles, logging principles, and limits of automated analytics – it does not replace case-specific advice.
Personal data
Processing follows the stated legal bases; details are in the privacy policy.
Disclaimer
This is transparency and governance information, not individual legal counsel.
Neawolf Media Group is a German company. Only the German text is legally binding. Place of jurisdiction is Germany (Aachen).
Source registry and data freshness: All data sources are loaded dynamically from the DataSourceConnector Audit and published under Legal → Data Sources. Update guarantees: real-time (Forex/Crypto) and structural (World Bank, demographics).
Resilience and human-in-the-loop: In case of API failures, the Last Known Value procedure applies (grace mode up to 24h). Automated anomaly detection for extreme score fluctuations, including manual quality checks.
Infrastructure and audit: Own infrastructure only in Germany (Contabo); SSL/TLS for all data streams, database isolation (VPC). Historical snapshots for gapless audit trails (Enterprise).
Methodology and control processes: Stability algorithm NFSI version 2.5 (explicitly versioned). Cron-driven fetch, Lock/LastRun, optional Queue (FIFO); quality per source (sourceQuality) and stability index (NFSI) according to documented methodology.
Source registry
Public source directory and data freshness
The Legal → Data Sources page lists all active DataSourceConnectors (SourceNodes) with provider, license, endpoint, update interval and last fetch (UTC). Data freshness: real-time guarantee for Forex/Crypto streams; structural updates for World Bank, UN and demographic data according to source rhythm. New connectors appear automatically in the registry.
Control processes
Execution, resilience and integrity
Data fetch is triggered by Cron (every minute). getRunnableInstances() decides based on Cron expression and LastRun whether a connector runs. On primary source failure: Last Known Value procedure (last valid record, grace mode up to 24h), automatic retries, monitoring and alerts. Lock files prevent duplicate runs; optional FIFO queue (pending.json, running.json) with worker lock, max. 5 parallel jobs.
Transparency
Transparency and auditability
Licenses and provider links per source are mandatory. The source registry is ad-free and serves traceability. Historical snapshots are stored for gapless audit trails (Enterprise feature). Personal or security-relevant feeds (e.g. INTERPOL, FBI) are mentioned in the privacy policy and the source registry.
DataSourceConnector
DataSourceConnector technology and human-in-the-loop
Base class DataSourceConnector.php with traits (Database, Api, CronMail). Each connector: SourceNode//Connector.php with getTableSchema() and execute(). Automatic detection of extreme score fluctuations with optional manual quality review (human-in-the-loop). Discovery is automatic; table prefix datasource_; logs and temp under run/, log/, /tmp/DataSourceConnector.
Stability index (NFSI)
NationFiles Stability Index (NFSI) v2.5
The stability methodology is explicitly versioned (NFSI v2.5). Only connectors with scoreValue ≥ 0 are included in the stability index. Layer 1: row score per connector table; Layer 2: aggregation per connector/country/date (nfsi_connector); Layer 3: country score (nfsi_country). Source quality (sourceQuality 0–100) and weight are defined per SourceNode.
Data ethics
Data ethics and infrastructure security
Data are only read from public or licensed sources. No transfer of user data to third parties for training. Infrastructure: SSL/TLS encryption for all data streams, database isolation (VPC). Processing and storage in Germany; retention and purpose limitation as described in the privacy policy.
International standards & alignment
NIST AI RMF Alignment
The development and operational lifecycle of the Naciro Engine and the NationFiles platform are strictly aligned with the NIST AI Risk Management Framework (AI RMF 1.0). Our commitment to trustworthy AI is reflected in our deterministic LPU-based inference architecture, which addresses the core NIST functions:
GOVERN: Establishing a culture of risk management and transparency in geopolitical data fusion.
MAP: Identifying and context-aware mapping of global signals to prevent bias and misinformation.
MEASURE: Utilizing the NationFiles Stability Index (NFSI) as a quantitative metric for continuous system evaluation.
MANAGE: Deploying robust, zero-knowledge infrastructure to prioritize data security and system resilience.
Support for UN Sustainable Development Goals
NationFiles and the Naciro Engine actively support the United Nations 2030 Agenda for Sustainable Development. Our real-time intelligence specifically contributes to SDG 16: Peace, Justice, and Strong Institutions.
By providing high-frequency, objective stability data (NFSI), we facilitate:
SDG 16.a: Strengthening national institutions through predictive layers to prevent instability and conflict.
SDG 16.6: Developing effective, accountable, and transparent data structures at all levels.
SDG 16.10: Ensuring public access to information and protecting fundamental freedoms through machine-readable, verifiable data lineage.
Technical Interoperability & FAIR Principles
To ensure global scientific collaboration, the NationFiles Stability Index (NFSI) dataset is designed according to the FAIR Principles (Findable, Accessible, Interoperable, and Reusable).
Our data schemas and metadata documentation are optimized for interoperability with the NASA Socioeconomic Data and Applications Center (SEDAC) standards. This technical alignment ensures that Naciro's predictive outputs can be seamlessly integrated into broader scientific research involving global environmental and socioeconomic changes.
Data governance and control processes in detail
Sources, provenance and data flow
01
Source registry
The public source directory under Legal → Data Sources is fed from the DataSourceConnector system. Each source shows connector_id, provider, license, endpoint, Cron interval and last fetch (UTC).
02
License and provider
Per SourceNode, provider_name, provider_link, provider_license and optionally provider_license_link are defined. The license link must not be empty (fallback: provider website). These details appear on the Data Sources page and support transparency and rights-holder communication.
03
Discovery
New connectors are discovered via SourceNode/[Name]/[Name]Connector.php. Only non-abstract subclasses with ACTIVE = true are considered in Cron and Audit. No manual entry in a central list.
04
Source provenance classification
All data sources are classified: Primary Official Data (authorities, UN, World Bank, INTERPOL); Licensed Data (commercial providers); Public Open Data (open data portals); Derived Data (computed values such as NFSI, indices, aggregations); Community Signals (voting, crowd inputs). Purpose: transparency on origin, quality and reliability.
05
High-level data flow
Data flow is traceable for auditors and authorities: Source → DataSourceConnector → Audit → Database → Naciro Engine → API/Dashboard. No transfer of user data to external systems; read-only access to sources.
Execution, resilience and retention
01
Cron and run decision
The runner is invoked every minute. getRunnableInstances() filters by Cron expression, LastRun and optional catch-up interval. Per connector: acquire lock, run execute(), set LastRun, write log, release lock. Maximum runtime per run is limited (DATA_SOURCE_CONNECTOR_MAX_RUNTIME).
02
Queue and worker
In queue mode, due connector IDs are enqueued in a FIFO queue (pending.json). A worker with worker lock runs up to DATA_SOURCE_CONNECTOR_PARALLEL_MAX jobs in parallel. Running jobs are listed in running.json; when one finishes, the next is started from the queue.
03
Source quality (sourceQuality)
Each SourceNode can set sourceQuality 0–100 (e.g. 0–20 private, 21–49 community, 50 neutral, 51–69 enterprise, 70–84 university, 85–100 government). It is used for classification and can be used when multiple sources exist for the same value.
04
Error and failure management (resilience & failover)
On source failure: grace mode with last valid record up to 24h (Last Known Value). Automatic retries with backoff; monitoring and alerts on sustained failures. No propagation of stale values beyond the defined grace period.
05
Retention matrix
Raw data: 7–30 days (re-evaluation). Aggregated data: unlimited for statistical models. Logs: 30–90 days (debugging, compliance). Contact requests: 6 months (support). Details in the privacy policy; GDPR-compliant.
06
Re-evaluation cycle (24h/7d)
Daily global re-evaluation; 7-day predictive layer for stability forecasts. Update intervals per source are documented in the source registry (Legal → Sources). Methodological transparency for auditors and authorities.
Stability index, audit, security and ethics
01
NFSI inclusion and methodology versioning
Stability algorithm NFSI version 2.5 (explicitly versioned). Only connectors with getStabilityWeight() or scoreValue ≥ 0 are included in the NFSI calculation (Layers 1–3). scoreValue = -1 means not in the stability index. The exact methodology is described in the project documentation (NFSI_BERECHNUNG_LAYER_1-3.md).
02
Auditability (historical snapshots)
Historical snapshots are stored for gapless audit trails (Enterprise feature). Changes to methodology, new/removed connectors, NFSI adjustments and API changes are versioned and traceable in an audit-proof manner.
03
Human-in-the-loop (anomaly detection)
Automatic detection of extreme score fluctuations; optional manual quality review when defined thresholds are exceeded. No automated individual decision without documented review option (Art. 22 GDPR).
04
No training on user data
Personal data from contact form or usage are not sent to external AI or training APIs. Naciro uses only the documented data streams and analysis logic; no profiling based on user behaviour.
05
Storage location and deletion
Processing and storage take place on own infrastructure in Germany (Contabo). Retention for contact requests and logs is set out in the privacy policy. Aggregated source data are subject to the respective source licenses and operational requirements.
06
Bias control and fairness
No personal data for scoring; no profiling; no political classifications; no discriminatory models. All indices and scores are based on aggregated, public or licensed data. Purpose: ethics and press trust.
07
Security measures (security governance)
API key security (no disclosure, isolated storage). Rate limits (Gatekeeper v3.7) and abuse protection. Continuous monitoring and access control. SSL/TLS for all data streams; database isolation (VPC). Purpose: trust for banks, insurers and authorities.
08
Limitations statement
Forecasts and stability indices are model-based evaluations. They do not constitute official warnings or recommendations for action. No guarantee is given for completeness, timeliness or fitness for particular decisions. Legal safeguard; details in the terms and conditions and privacy policy.
09
Governance contact
A dedicated governance contact is available for authorities, press and auditors. Inquiries regarding methodology, audit trails and compliance are processed with priority. Contact details see imprint and privacy contact (Legal).
Please accept all cookies to view this content from ##HOSTNAME##.
